Upload File

adding new users user as an entity - username(uid), gid. uid - typically a number for system to...

  • Home
  • Documents
  • Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set
11
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set of users that have similar functions. UID and GID together determine any user’s access rights to files and system resources. Password file - /etc/passwd file that stores user account information. Password file is readable by all but writable only by root.

Upload: shawn-ferguson

Post on 12-Jan-2016

216 views

Category:

Documents


2 download

Report

TRANSCRIPT

Page 1: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Adding New Users

User as an entity - username(UID), GID.

UID - typically a number for system to identify the user.

GID – a number that recognizes a set of users that have similar functions.

UID and GID together determine any user’s access rights to files and system resources.

Password file - /etc/passwd file that stores user account information.

Password file is readable by all but writable only by root.

Page 2: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

How To:

Assign username, uid, primary group.

Enter this information in /etc/passwd.

Assign a password.

Set user account parameters, password aging, account expiration date etc.

Create a home directory – users organization on the hard disk.

Place Initialization files in the user’s directory.

Use chown and chgrp to make the user the owner of his home directory and initialization files.

Page 3: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

How to (contd) :

Add the user to other facilities like disk quota system, mail system, printing system etc.

Site-specific initialization tasks.

Test the new account.

Page 4: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

/etc/passwd File :

System’s master list of user-information.An entry :

name:coded-passwd:UID:GID:user info:home-dir:shell

Entry can be added manually or using vipw cmd.Vipw – invokes an editor on /etc/ptmp file (copy of passwd file).NameCoded-passwd : new user gets asterisk(*). * is not present in the target character set for encrypted passwords, it can never be matched. Blank passwd : no passwd required to log in.

Page 5: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

/etc/passwd file (contd) :

UID : Unique identification numbers. Conventionally UIDs less than 100 are used for system accounts.

GID : Determines user’s primary group membership. This corresponds to a group in the /etc/group file. Conventionally GIDs less than 10 are used for system groups.

User info : Only field in the entry that can have space. Also called as GECOS field. Distinct items within this field are separated by commas.

Home-dir : Initial working directory.

Page 6: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

/etc/passwd file (contd):

Shell: The program that UNIX will use as a command interpreter for this user. This program is executed whenever the user logs in.

Instead of manually editing the /etc/passwd file, it is preferable to have commands to add new user, as more than one scattered files might need to be changed. With commands all the necessary file updations can be ensured.

Page 7: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Shadow password files :

Shadow files are protected from all access by non-root users and that store the encrypted passwords.When Shadow files are in use, the password fields in /etc/passwd are all set to “X”.Linux distributions don’t provide shadow files by default, but there is freely-available Shadow package that provides shadow password file support, password ageing and user account utilities.In systems, where shadow files are optional, pwconv command is used to create and update a shadow password file.

Page 8: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Setting Password Restrictions:

Specifying MINIMUM and MAXIMUM password lifetimes.

Specifying the minimum password length.

An entry in the shadow password file :

Name:coded-passwd:last_changed:min-days:max_days:warn_days:inactive_days:expire_date:

Passwd command can also be used to specify password aging parameters.

Page 9: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Creating home directory :

Use mkdir command to create the directory in appropriate location, such as :

# mkdir /home/gkalra1Login Initialization files: Files for the shell the account will run. For example, .profile file for Bourne shell.These files are used to perform tasks that only need to be executed upon login, such as : Setting search path, Setting default file protection(umask), setting terminal type and other environment variables.Shell Initialization files: Includes tasks that need to be executed whenever UNIX creates a new shell.

Page 10: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Creating home directory (contd) :

Shell initialization files can include tasks like setting shell variables, defining shell aliases. For example, C shell uses .cshrc as initialization file.

SHELL INITIALIZATION FILES ARE EXECUTED BEFORE LOGIN INITIALIZATION FILES.

X Initialization files.

Setting File ownership : After copying the appropriate initialization files to the user’s home directory, the owner of the files and directory is changed to be the user. This is done by chown command.

Page 11: Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set

Assigning a shell :

By default, if the last field of the /etc/passwd file is empty, /bin/sh (Bourne) shell is used.

Root accounts are usually set up to use the Bourne shell.

Adding the User to other System facilities : like system privileges, disk quota, defining mail alias, setting print queue access.

Adding the user to any secondary groups.

Any other site-specific tasks.

TEST the New Account by using se to recreate a user’s environment.


pysftp Documentation - Read the Docspysftp’s method allows you to specify just, gid or the uid or both. If either gid or uid is None (default), then pysftp If either gid or uid is

Analyzing Protection Quality of Security-Enhanced ... · Load kernel module, plant Trojan Horse, … State Transition SELinux: proc(uid, gid, domain) AppArmor: proc(uid, gid, profile)

Gid june 2015

people.sissa.itinno/pubs/batch-complete.pdf · Batch systems - Checkpointing/Job migration systems /1 With these systems usually the job is run under a single uid/gid (e.g. condor/condor)

GID 6th issue

SUSTAINABILITY - GID

03ClsStrcAdvSc Gid LaterTheory

UID user interface design

Copyright 2005 Abe Singer · 14 Copyright 2005 Abe Singer Jan 02 16:20:25 host.example.com adduser[12152]: new user: name=cgi, uid=0, gid=0, home=/home/cgi, shell=/bin/bash Jan 02

Oracle® Tuxedootndnld.oracle.co.jp/document/products/E13161_01/tuxedo/...Setting Up an Oracle Tuxedo Application v Characteristics of the UID, GID, and PERM Parameters . . . . .

95-752:6-1 Operating System Security. 95-752:6-2 Users UNIX user -> username -> uid –uid is systems real name for user –integer 0... 65536 (varies in

Linux Security Documentationblog.foool.net/wp-content/uploads/linuxdocs/security.pdfLinuxSecurityDocumentation 1.4TaskCredentials InLinux,allofatask’scredentialsareheldin(uid,gid)orthrough(groups,keys,

GiD 12 Basic Courses

GiD User Manual

Simple Unix Tricks: Detecting Break-Insbullwinkle.deer-run.com/~hal/MWVLUG-detecting.pdf · Set-UID and Set-GID Files New or modified set-UID and set-GID files should be a concern:

Erlebniswelt UID (UID World Of Experience)

LISA & GiD Impct Manual

Printer-friendly Version - GID

GiD Reference Manual

GiD 12 Advanced Courses

GID - Gas Processing Folder

GiD 11 Reference Manual

File System - National Chiao Tung Universityliuyh/course/sysadm/slides/03_FileSystem.pdf · setuid, setgid, sticky bit • setuid, setgid on file The effective uid/gid of resulting

IS 2150 / TEL 2810IS 2150 / TEL 2810 Information …181 User's user identification number (UID). 100 User's group identification number (GID). Rachel CohenRachel Cohen UserUsers's

Gid 3rd issue

GID-task 1

GID Echo v1n1 2014

Tutorial GiD

Gid 4th issue

HPE ProLiant ML110 Gen10 Server User Guide · 6 UID button/LED Solid blue Activated Flashing blue System is being managed remotely. Off Deactivated UID button functionality The UID

Fabric Consolidation With InfiniBand · Network Layer. Global Identifier (GID) addressing. IPv6 addressing scheme GID = {64 bit GID prefix, 64 bit GUID} GUID = Global Unique Identifier

03ClsStrcAdvSc Gid LaterTheory.pdf

User Management. Adding New Users Computer Center, CS, NCTU 3 ID User ID, Group ID % id liuyh uid=10047(liuyh) gid=200(dcs) groups=200(dcs),0(wheel),700(ta),800(security),888()

GiD Course

Dell EMC PowerScale OneFS: Authentication, Identity ......The UID maps to several Group Identifiers (GID) to determine access permissions. At login, the user ID is mapped to the matching